Accepting request 964892 from home:fos:branches:devel:kubic:ignition

- Add ignition-touch-selinux-autorelabel.conf: Trigger SELinux autorelabel after Ignition runs; Ignition would support SELinux itself, however this is a compile time option, so it can't be used here.
- Filter commented lines in ignition-mount-initrd-fstab.service

OBS-URL: https://build.opensuse.org/request/show/964892
OBS-URL: https://build.opensuse.org/package/show/devel:kubic:ignition/ignition?expand=0&rev=88
This commit is contained in:
Ignaz Forster 2022-03-25 15:23:52 +00:00 committed by Git OBS Bridge
parent c489446194
commit 6957e768d0
6 changed files with 20 additions and 2 deletions

View File

@ -18,6 +18,10 @@ Changes for openSUSE / SLE:
Set timeout for Ignition device so boot will just continue if no physical
Ignition configuration device is attached (e.g. when using platform
specific configuration).
* ignition-touch-selinux-autorelabel.conf:
Trigger SELinux autorelabel after Ignition runs; Ignition would support
SELinux itself, however this is a compile time option, so it can't be
used here.
* ignition-suse-generator:
Supplements the upstream generator by adding dependencies to
ignition-setup-user.service and ignition-mount-initrd-fstab.service.

View File

@ -18,6 +18,6 @@ Before=ignition-files.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/bin/sh -c 'eval $(awk '"'"'$4 ~ /x-initrd.mount/ {print "if ! findmnt /sysroot" $2 " >/dev/null; then mount -t " $3 " -o " $4 " " $1 " /sysroot" $2 "; fi;" }'"'"' /sysroot/etc/fstab)'
ExecStart=/bin/sh -c 'eval $(awk '"'"'$4 ~ /x-initrd.mount/ && $1 !~ /^#/ {print "if ! findmnt /sysroot" $2 " >/dev/null; then mount -t " $3 " -o " $4 " " $1 " /sysroot" $2 "; fi;" }'"'"' /sysroot/etc/fstab)'
ExecStop=/bin/sh -c 'if [ -f /sysroot/etc/systemd/system-preset/20-ignition.preset ]; then while read line; do systemctl --root=/sysroot $line; done < /sysroot/etc/systemd/system-preset/20-ignition.preset; fi'
ExecStop=/usr/bin/umount -a -O "x-initrd.mount"

View File

@ -0,0 +1,2 @@
[Service]
ExecStart=/usr/bin/sh -c 'if [ -e /sysroot/etc/selinux/.relabelled ]; then >> /sysroot/etc/selinux/.autorelabel; fi'

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Fri Mar 25 09:59:53 UTC 2022 - Ignaz Forster <iforster@suse.com>
- Add ignition-touch-selinux-autorelabel.conf:
Trigger SELinux autorelabel after Ignition runs; Ignition would
support SELinux itself, however this is a compile time option, so
it can't be used here.
- Filter commented lines in ignition-mount-initrd-fstab.service
-------------------------------------------------------------------
Fri Mar 4 10:46:21 UTC 2022 - Fabian Vogt <fvogt@suse.com>

View File

@ -36,6 +36,7 @@ Source10: ignition-enable-network.service
Source11: ignition-enable-network.sh
Source12: ignition-kargs-helper
Source13: ignition-remove-reconfig_system.service
Source14: ignition-touch-selinux-autorelabel.conf
Source20: ignition-userconfig-timeout.conf
Source21: ignition-userconfig-timeout-arm.conf
Patch2: 0002-allow-multiple-mounts-of-same-device.patch
@ -87,7 +88,7 @@ which creates firstboot_happened after the first boot.
mkdir dracut/30ignition-microos grub systemd_suse
chmod +x %{SOURCE3} %{SOURCE4} %{SOURCE8} %{SOURCE12}
cp %{SOURCE1} %{SOURCE3} %{SOURCE4} %{SOURCE8} %{SOURCE9} %{SOURCE10} %{SOURCE11} %{SOURCE13} dracut/30ignition-microos/
cp %{SOURCE1} %{SOURCE3} %{SOURCE4} %{SOURCE8} %{SOURCE9} %{SOURCE10} %{SOURCE11} %{SOURCE13} %{SOURCE14} dracut/30ignition-microos/
%ifarch aarch64 %{arm}
cp %{SOURCE21} dracut/30ignition-microos/ignition-userconfig-timeout.conf
%else

View File

@ -23,6 +23,8 @@ install() {
"$systemdsystemunitdir/ignition-mount-initrd-fstab.service"
inst_simple "$moddir/ignition-userconfig-timeout.conf" \
"$systemdsystemunitdir/dev-disk-by\x2dlabel-ignition.device.d/ignition-userconfig-timeout.conf"
inst_simple "$moddir/ignition-touch-selinux-autorelabel.conf" \
"$systemdsystemunitdir/ignition-files.service.d/ignition-touch-selinux-autorelabel.conf"
inst_simple "$moddir/ignition-suse-generator" \
"/etc/systemd/system-generators/ignition-generator"
inst_script "$moddir/ignition-enable-network.sh" \